Sapienza Università di Roma

€30,000

Insufficient technical and organisational measures to ensure information security

Beslissingsdatum

23 januari 2020

Autoriteit

Italian Data Protection Authority (Garante)

IT

Sector

Public Sector and Education

Land

IT

Wet

GDPR

Status

FINAL

Beschrijving

The fine is based on the fact that, according to the data protection authority, the Sapienza Università made available online identification data of two people who had reported possible illegal behaviour to the university. This was due to the lack of adequate technical access control measures within the whisleblowing management system, which had not limited access to such data to authorized personnel only.

Juridische citaten

Art. 5 (1)Art. 32

Problemen en overtredingen

Insufficient technical and organisational measures to ensure information security
Officieel document bekijken
Terug naar de database met boetes
Vorige boete
Italian Data Protection Authority (Garante) - Azie...
Volgende boete
Data Protection Authority of Hamburg (HmbBfDI) - C...

Blijf op de hoogte van privacybescherming

We respecteren je privacy. Eén e-mail per maand, geen spam, afmelden kan altijd.